This is an automated email from the git hooks/post-receive script.
simo pushed a change to branch master in repository gssproxy.
from 0c04bee Appease clang with memset instead of initializer new 4c2925d Fix two leaks in gp_get_cred_environment() new faceac5 Fix leak of localname in gp_export_creds_linux()
The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference.
Summary of changes: proxy/src/gp_creds.c | 18 +++++++++--------- proxy/src/gp_export.c | 4 +++- 2 files changed, 12 insertions(+), 10 deletions(-)
This is an automated email from the git hooks/post-receive script.
simo pushed a commit to branch master in repository gssproxy.
commit 4c2925d2aa0b7256b53eb61ef072c4685f728bd2 Author: Robbie Harwood rharwood@redhat.com Date: Tue Sep 27 20:50:59 2016 +0000
Fix two leaks in gp_get_cred_environment()
Signed-off-by: Robbie Harwood rharwood@redhat.com Reviewed-by: Simo Sorce simo@redhat.com --- proxy/src/gp_creds.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c index 446c7d8..8280ef2 100644 --- a/proxy/src/gp_creds.c +++ b/proxy/src/gp_creds.c @@ -248,7 +248,7 @@ static int gp_get_cred_environment(struct gp_call_ctx *gpcall, int ret = -1; int k_num = -1; int ck_num = -1; - int c, d; + int d;
memset(cs, 0, sizeof(gss_key_value_set_desc));
@@ -354,7 +354,6 @@ static int gp_get_cred_environment(struct gp_call_ctx *gpcall, ret = ENOMEM; goto done; } - c = 0; for (d = 0; d < svc->krb5.cred_count; d++) { p = strchr(svc->krb5.cred_store[d], ':'); if (!p) { @@ -366,9 +365,9 @@ static int gp_get_cred_environment(struct gp_call_ctx *gpcall, }
if (strncmp(svc->krb5.cred_store[d], "client_keytab:", 14) == 0) { - ck_num = c; + ck_num = cs->count; } else if (strncmp(svc->krb5.cred_store[d], "keytab:", 7) == 0) { - k_num = c; + k_num = cs->count; }
ret = asprintf(&str, "%.*s", (int)(p - svc->krb5.cred_store[d]), @@ -377,19 +376,20 @@ static int gp_get_cred_environment(struct gp_call_ctx *gpcall, ret = ENOMEM; goto done; } - cs->elements[c].key = str; + cs->elements[cs->count].key = str;
fmtstr = p + 1; - cs->elements[c].value = get_formatted_string(fmtstr, target_uid); - if (!cs->elements[c].value) { + cs->elements[cs->count].value = + get_formatted_string(fmtstr, target_uid); + if (!cs->elements[cs->count].value) { + safefree(str); GPDEBUG("Failed to build credential store formatted string.\n"); ret = ENOMEM; goto done; }
- c++; + cs->count++; } - cs->count = c;
/* when a user is not explicitly requested then it means the calling * application wants to use the credentials in the standard keytab,
This is an automated email from the git hooks/post-receive script.
simo pushed a commit to branch master in repository gssproxy.
commit faceac530f415c96d8698c1321711aa30fc5b3c1 Author: Robbie Harwood rharwood@redhat.com Date: Tue Sep 27 21:21:25 2016 +0000
Fix leak of localname in gp_export_creds_linux()
Signed-off-by: Robbie Harwood rharwood@redhat.com Reviewed-by: Simo Sorce simo@redhat.com Merges #33 --- proxy/src/gp_export.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c index 256e84a..41af67b 100644 --- a/proxy/src/gp_export.c +++ b/proxy/src/gp_export.c @@ -700,7 +700,7 @@ static uint32_t gp_export_creds_enoent(uint32_t *min, gss_buffer_t buf) static uint32_t gp_export_creds_linux(uint32_t *min, gss_name_t name, gss_const_OID mech, gss_buffer_t buf) { - gss_buffer_desc localname; + gss_buffer_desc localname = {}; uint32_t ret_maj; uint32_t ret_min; struct passwd pwd, *res; @@ -767,6 +767,7 @@ static uint32_t gp_export_creds_linux(uint32_t *min, gss_name_t name, case ENOENT: case ESRCH: free(pwbuf); + gss_release_buffer(&ret_min, &localname); return gp_export_creds_enoent(min, buf); default: ret_min = ret; @@ -817,6 +818,7 @@ done: } free(pwbuf); *min = ret_min; + gss_release_buffer(&ret_min, &localname); return ret_maj; }
gss-proxy@lists.fedorahosted.org